A piece of news which came into being this week suggests that around two million Internet of Things devices are presently vulnerable to be attacked. And this vulnerability isn't because of some external factor rather the vulnerability has been embedded deep with the IoT devices: a contaminated and unaccountable chain of supply.
By the looks of it, the IoT devices are incredibly vulnerable because of a massive bug embedded in their software. On the other hand, this also suggests that the two million IoT devices suggest similar software, according to Paul Marrapese, a cybersecurity researcher. Mr. Marrapese has provided a detailed account of the flaw on a dedicated site after he didn't receive any response from the manufacturers and vendors of the device.
One of the significant advantages of the Internet of Things devices is that they can be easily connected remotely from anywhere around the world. People can check on their home security CCTV camera even when they are on holiday. The conventional home devices used to utilize a port on the WiFi router installed in the homes for reaching out to them.
The P2P tech allows the people to connect to the security camera by merely utilizing a unique serial number. Most of the Internet of Things or connected devices use the P2P tech that allows the people to connect to them by only using the internet without having to tap on an added configuration.
And now the problem lies in a very insecure version of iLnkP2P, a Peer to Peer software. By the looks of it, hundreds of manufacturers of the IoT devices are currently utilizing the software which has been curated by the Shenzhen Yunni Technology Company. According to Marrapese, the software is embedded with a couple of vulnerabilities: first, Attackers can swiftly guess the serial number of the connected device. The second vulnerability allows the attackers to intercept the connections to the devices, such as acquiring data that the user exchanges with the devices. The bug is extremely volatile.
**This post was published on https://www.infosecurity-magazine.com
A post graduate and gold medalist in English literature with a great passion for writing. I am an avid blogger and love to write technical and nontechnical Articles, Blogs, e-books, the latest platform of global interest. I firmly believe in the healing power of writing and how it works fantastically to improve one’s creativity as well as personality. Life is too short to express yourself so, keep writing and enjoying.
Sep 30, 2019 | IoT Companies News
Sep 27, 2019 | IoT Companies News
Sep 24, 2019 | IoT Companies News
Sep 23, 2019 | IoT Companies News
Sep 19, 2019 | IoT Companies News